13

I am trying to create a web app that uses two-factor authentication with Google Authenticator, so my question is: is there an API for Google Authenticator?

Jama Mohamed
  • Possible duplicate of [Google Authenticator available as a public service?](https://stackoverflow.com/questions/5087005/google-authenticator-available-as-a-public-service) – Stoogy Nov 21 '18 at 13:51

2 Answers

12

There are plenty of examples of how to create your own client for Google Authenticator; however, you can also use an API, which may be easier.

Firstly, you create a QR code to pair with, combined with your app description and a secret code, as follows:

https://www.authenticatorApi.com/pair.aspx?AppName=MyApp&AppInfo=John&SecretCode=12345678BXYT

Then, once the user has paired, you can validate their PIN using the validate API call:

https://www.authenticatorApi.com/Validate.aspx?Pin=123456&SecretCode=12345678BXYT

The source code for this API is available as open source on GitHub here: https://github.com/infiniteloopltd/AuthenticatorAPI.com

Fiach Reid
  • 8
    Please be aware that if you choose to use such an API you are leaking your 2FA credentials in an incredibly insecure way. Instead use libraries for your language of choice. – WouterH Jun 03 '21 at 13:50
1

Yes, a quick go-through:

  1. Your users download the Google Authenticator app: https://apps.apple.com/us/app/google-authenticator/id388497605 or https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en&gl=US

  2. You generate a "secret" code on behalf of your user:

    https://google-authenticator.p.rapidapi.com/new/

    The server will return the secret code (e.g. "GXPTBCTI4DX4UFJB"). Keep the code, because you'll need it at steps 3 and 4.

  3. You generate QR codes for your users via:

    https://google-authenticator.p.rapidapi.com/enroll/?secret=GXPTBCTI4DX4UFJB&account=JohnDoe&issuer=AcmeCorp

    Users scan the QR code using the Google Authenticator app, and temporary codes now get generated.

  4. Now you can validate the codes via:

    https://google-authenticator.p.rapidapi.com/validate/?code=266677&secret=GXPTBCTI4DX4UFJB

See full tutorial here https://rapidapi.com/chdan/api/google-authenticator/tutorials/easy-two-factor-authentication-(2fa)-with-google-authenticator.

Hope this helps.
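Both hosted APIs above receive the user's TOTP secret in the request URL, which is the leak the comment on the first answer warns about. The following is an added example (not code from either answer or from the linked services) that performs the same three steps locally with Python's standard library: generate the secret, build the `otpauth://` URI to render as a QR code, and validate the PIN per RFC 6238. The function names and the `last_used` replay check are assumptions of this example; `RFC_TEST_SECRET` is the published RFC test key, used only as test data.

```python
import base64, hashlib, hmac, secrets, struct, time
from urllib.parse import quote, urlencode

# RFC 4226/6238 test key, base32-encoded. Test data only, never a real secret.
RFC_TEST_SECRET = base64.b32encode(b"12345678901234567890").decode()

def new_secret(nbytes=20):
    """160-bit random secret, generated and stored on your own server."""
    return base64.b32encode(secrets.token_bytes(nbytes)).decode()

def provisioning_uri(secret, account, issuer):
    """otpauth:// URI; render it as a QR code locally for the app to scan."""
    label = quote(f"{issuer}:{account}")
    return f"otpauth://totp/{label}?" + urlencode({"secret": secret, "issuer": issuer})

def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP with HMAC-SHA1 and dynamic truncation."""
    key = base64.b32decode(secret.upper() + "=" * (-len(secret) % 8))
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret, at=None, step=30):
    """RFC 6238: HOTP over the number of 30-second steps since the epoch."""
    return hotp(secret, int((time.time() if at is None else at) // step))

def verify(secret, pin, last_used=-1, at=None, window=1, step=30):
    """Return the matched step counter, or None. Steps <= last_used are refused
    (no replay); +/- window steps absorb clock drift."""
    current = int((time.time() if at is None else at) // step)
    matched = None
    for counter in range(max(0, current - window), current + window + 1):
        same = hmac.compare_digest(hotp(secret, counter).encode(), pin.encode())
        if same and counter > last_used:
            matched = counter
    return matched

if __name__ == "__main__":
    secret = new_secret()
    print(provisioning_uri(secret, "JohnDoe", "AcmeCorp"))
    print(verify(secret, totp(secret)))  # current step counter
```

Store the counter returned by `verify` per user and pass it back as `last_used` on the next login so an observed code cannot be reused inside the drift window.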